Explain the threat landscape (Exercise)
The threat landscape comprises three components:
- The areas that are vulnerable to attack.
- The people who are likely to carry out an attack.
- The types of attacks used.
In this exercise, we will create a report for Sam’s Scoops discussing the threat landscape.
As we create this document, bear in mind that our audience has a limited knowledge of online dangers, so keep it simple and explain all unfamiliar terms. We can also support our explanations with images and diagrams as needed.
The topics we will cover include:
- Identify three online threats and explain how each threat is caused.
- Highlight the potential dangers associated with each threat that we have identified.
- Prescribe some preventative methods that we can employ for Sam’s Scoops.
Case Study
The staff at Sam’s Scoops are excellent ice cream makers and make a product that is much loved in their seaside community; however, they know little about good online practices. Our task is to gather information on the do’s and don’ts of online actions and then share our findings with the team. To be more specific, we’ll identify three vulnerabilities, and for each one, we’ll describe the risk it brings, the type of attack that a cybercriminal might use to exploit it, and a mitigation technique that can be used to reduce risk and improve safety.
Instructions
Step 1: Identify plausible online threats
Identify three potential threats that present a risk to a budding ice cream business looking to establish an online presence. Consider the types of online activities that small businesses tend to engage in.
Step 2: Identify the risks posed by each threat
Once we have figured out the threats, explain how each one can put the company at risk of an attack.
Step 3: Identify attacks used to exploit each threat, and their effects
By which means might an attacker exploit each vulnerability, and how would the company be affected if an attack is carried out?
Step 4: Identify preventative measures relative to each threat that one can take to better protect the business
Make Sam’s team aware of what steps they can take to reduce vulnerabilities and better safeguard themselves against risks.
Step 5: Present your findings
Write a summary of what we have found and consult the example below to understand how to format our report. Remember that we are presenting to an audience with limited knowledge of online dangers, so keep it simple and explain all unfamiliar terms. We can also support our explanations with images and diagrams as needed.
Threat #1:
Vulnerability: Account password shared with an acquaintance
Making a password known to even one person significantly raises the risk of that password ending up in the hands of someone with malicious intent.
Risk: Unintended access
The password may be used to gain access to an account by someone who isn’t meant to have it.
Attack: Theft of sensitive data
Once unauthorized access has been gained, an individual may acquire sensitive information such as personal and financial details.
Mitigation: Change the password, don’t share!
If a password has been shared, the account password should be changed immediately to render the shared one useless. And make sure no one knows the new password!
My Report
Let’s go through the steps and identify vulnerabilities, risks, potential attacks, and mitigation techniques for Sam’s Scoops:
Threat #1: Weak Password Management
Vulnerability: Using weak or easily guessable passwords for online accounts.
Risk: If an attacker successfully guesses or cracks a weak password, they can gain unauthorized access to Sam’s Scoops’ online accounts, potentially compromising sensitive information.
Attack: Brute Force Attack — An attacker systematically tries different combinations of passwords until the correct one is found.
Mitigation:
- Use Strong Passwords: Encourage the use of complex passwords that include a mix of upper and lower-case letters, numbers, and special characters.
- Implement Multi-Factor Authentication (MFA): Enable MFA wherever possible to provide an extra layer of security.
- Regular Password Updates: Advise staff to update their passwords periodically to reduce the risk of compromise.
Threat #2: Lack of Data Backup
Vulnerability: Failing to regularly back up important business data.
Risk: Without backups, Sam’s Scoops is at risk of losing critical data in case of accidental deletion, hardware failure, or cyberattacks.
Attack: Ransomware Attack — Cybercriminals may encrypt the business’s data and demand a ransom for decryption.
Mitigation:
- Regular Backups: Implement automated, regular backups of all important data, both locally and offsite.
- Test Restoration: Periodically test the data restoration process to ensure backups are functioning correctly.
- Educate Staff: Train employees on recognizing phishing attempts that could lead to ransomware attacks.
Threat #3: Lack of Employee Training
Vulnerability: Employees with limited knowledge of online dangers and cybersecurity best practices.
Risk: Uninformed employees are more likely to fall victim to phishing attacks, inadvertently download malware, or share sensitive information with unauthorized parties.
Attack: Phishing Attack — Cybercriminals send deceptive emails to trick employees into revealing sensitive information.
Mitigation:
- Cybersecurity Training: Conduct regular training sessions for employees to raise awareness about online threats and how to identify them.
- Simulated Phishing Exercises: Run simulated phishing campaigns to test and educate employees on recognizing phishing attempts.
- Create a Reporting Culture: Encourage employees to report any suspicious activities or emails immediately.
Conclusion
In this report, we’ve identified three online threats that Sam’s Scoops should be aware of and provided recommendations to mitigate these risks. It’s essential for the business to address weak password management, implement data backup strategies, and prioritize employee training to enhance its online security posture. By taking these preventive measures, Sam’s Scoops can significantly reduce its vulnerability to online threats and better safeguard its online presence and customer data.
Remember, educating employees and regularly updating security practices are essential steps toward a safer online environment.
Note: You can find more details about this case study in the Microsoft Cybersecurity Analyst Professional Certificate training on Coursera.